Date: Mon, 11 Mar 2002 10:29:14 -0600 From: Server Admin <admin@sage-one.net> To: =?iso-8859-1?Q?=22Peter_Lepp=E4nen=22?= <pele02@handelsbanken.se> Cc: questions@FreeBSD.ORG Subject: Re: IPFW question! Message-ID: <3.0.5.32.20020311102914.01130098@mail.sage-one.net> In-Reply-To: <OFF2D61104.ADC2FBF9-ONC1256B79.0054F087@sth.shb.se>
next in thread | previous in thread | raw e-mail | index | archive | help
Peter: I never could get that script to work out of the box, and modified
it considerably. It has a rule for http, but may not be assigned right for
you. Here is the rule I changed to and works for my setup:
# HTTP - Allow access to our web server
${fwcmd} add pass tcp from any to any 80 setup
At 04:34 PM 3.11.2002 +0100, Peter Lepp=E4nen wrote:
>
>Yes I understand that I have to modify the file if I like to have
additional services like ssh and ftp and so on.
>But the standard rc.firewall script, simple type should give me access to
DNS and HTTP.
>
>Is this not correct?
>
>/Peter
>
>
>
=20
> Server Admin
=20
> <admin@sage-one.net> To: "Peter
Lepp=E4nen" <pele02@handelsbanken.se>, =20
> Sent by: questions@FreeBSD.ORG
=20
> owner-freebsd-questions@F cc:
=20
> reeBSD.ORG Subject: Re: IPFW
question! =20
>
=20
>
=20
> 2002-03-11 16:28
=20
>
=20
>
=20
>
>
>
>
>Peter, you will need to modify that very sparse basic script to allow any
>additional services you want, like port 80 for http Internet services....
>
>At 02:24 PM 3.11.2002 +0100, Peter Lepp=E4nen wrote:
>>Hello!
>>
>>Installed a box with 4.5-release on it. Added IPFW and rebuilt the kernel.
>>Then I enabled NAT and IPFIREWALL in rc.conf (and disabled some other
>stuff).
>>For start I changed the ipfirewall_type to "OPEN" to check that NAT=
worked.
>>And so it did...up to this point everything worked great.
>>But when I changed the ipfirewall_type to "SIMPLE" I could no longer get
>>out on the Internet =3D(. The simple type should give me access to do at
>least DNS
>>queries and run HTTP. It says so in the rc.firewall file anyway.
>>The only modification that I have made to the rc.firewall file is adding=
my
>>ip, net and mask of my two NICs.
>>
>>Is this a known problem or what? Can=B4t find anything about it.
>>
>>Can somebody help me before I loose my mind! =3D)
>>
>>Regards!
>>
>>Peter
>>
>>
>>
>>To Unsubscribe: send mail to majordomo@FreeBSD.org
>>with "unsubscribe freebsd-questions" in the body of the message
>>
>>
>.... our website: http://www.sage-one.net/
>
>Best regards,
>
>Jack L. Stone
>Server Admin
>
>To Unsubscribe: send mail to majordomo@FreeBSD.org
>with "unsubscribe freebsd-questions" in the body of the message
>
>
>
>
>
>
.... our website: http://www.sage-one.net/
Best regards,
Jack L. Stone
Server Admin
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3.0.5.32.20020311102914.01130098>